5896be17c190eaf92c9c87bbc54841f0

Sharing

Copy URL Twitter E-mail

General

Target

5896be17c190eaf92c9c87bbc54841f0
Size

248KB
MD5

5896be17c190eaf92c9c87bbc54841f0
SHA1

4c46394440c1f6936bdce61eacb1ca9e073e4b71
SHA256

c6fe69256c1576551ba3e63273d60bf0c942ee3cb646e181c9dd4ee0b173d577
SHA512

7db83ea3e2a4df9805aa22f6b47df2e58025f414fe606d4ac849eef1b8e7142f011e349882c188797ab5e310f579de6d4ee2e20cff943b4d941f078a5817d096
SSDEEP

6144:/5T02b31Aw2llnBgRHTaB9V2NhYnXmIC+YyK:x02bFAj6RHG/V2N2nWCK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5896be17c190eaf92c9c87bbc54841f0

Files

5896be17c190eaf92c9c87bbc54841f0
.exe windows:4 windows x86 arch:x86

18736fd233caed1e2247961022fed966

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
LoadResource
FindResourceA
RaiseException
GetTickCount
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcatA
HeapFree
lstrcpyA
HeapAlloc
GetProcessHeap
GetDateFormatA
DosDateTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSize
GlobalFree
WriteFileEx
QueueUserAPC
SleepEx
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
LockResource
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
FlushFileBuffers
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
UnhandledExceptionFilter
TerminateProcess
TlsGetValue
TlsAlloc
HeapReAlloc
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetStartupInfoA
InterlockedDecrement
ExitThread
TlsSetValue
CreateThread
ResumeThread
RtlUnwind
ReadFile
WaitForMultipleObjects
ResetEvent
WriteFile
GetOverlappedResult
GetVersion
GetCommandLineA
GetFullPathNameA
GetComputerNameA
GetCurrentProcessId
InitializeCriticalSection
GetTimeFormatA
lstrlenA
FindFirstFileA
SearchPathA
FindClose
GlobalMemoryStatus
LoadLibraryA
FreeLibrary
GetCurrentDirectoryA
GetSystemDirectoryA
CreateFileA
DeleteFileA
QueryPerformanceFrequency
DeviceIoControl
GetCurrentThreadId
WaitForSingleObject
SetLastError
OpenMutexA
CreateMutexA
CreateFileMappingA
MapViewOfFile
CreateEventA
UnmapViewOfFile
GetSystemTime
SystemTimeToFileTime
QueryPerformanceCounter
SetEvent
InterlockedIncrement
CloseHandle
lstrcpynA
GetLastError
FormatMessageA
LocalFree
GetCurrentProcess
EnterCriticalSection
TerminateThread
LeaveCriticalSection
GetModuleHandleA
GetProcAddress
GetEnvironmentVariableA
SetStdHandle

user32

CheckMenuItem
GetMenu
MessageBoxA
InsertMenuItemA
GetMenuItemCount
GetSubMenu
SetCursor
InvalidateRect
ChildWindowFromPoint
GetSysColor
GetSysColorBrush
LoadCursorA
GetDlgItem
EndDialog
ShowWindow
SetWindowTextA
SetClipboardData
EmptyClipboard
OpenClipboard
CloseClipboard
BeginPaint
EndPaint
PostQuitMessage
CallWindowProcA
GetMenuCheckMarkDimensions
GetDC
GetWindowTextA
LoadIconA
SendMessageA
GetFocus
ClientToScreen
ScreenToClient
GetDialogBaseUnits
DrawFocusRect
GetParent
IsDlgButtonChecked
PostMessageA
CheckRadioButton
RegisterClassExA
FindWindowA
LoadAcceleratorsA
RegisterWindowMessageA
PeekMessageA
MsgWaitForMultipleObjects
TranslateAcceleratorA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowThreadProcessId
SetWindowLongA
GetSystemMetrics
EnableWindow
CheckDlgButton
ReleaseDC
CreateWindowExA
UpdateWindow
RegisterClassA
LoadBitmapA
SetTimer
ModifyMenuA
MoveWindow
KillTimer
DefWindowProcA
LoadStringA
SetWindowPos
InvalidateRgn
CreateDialogParamA
GetClientRect
GetCursorPos
DestroyWindow
SetForegroundWindow
TrackPopupMenu
SetDlgItemTextA
SendDlgItemMessageA
AttachThreadInput
AppendMenuA
SetMenuItemBitmaps
DialogBoxParamA
SetFocus
GetDlgItemTextA
SetCapture
ReleaseCapture
EnableMenuItem
DeleteMenu
GetWindowRect
IsIconic
IsZoomed
DrawTextA

gdi32

GetTextExtentPointA
StartDocA
GetDeviceCaps
CreateFontA
StartPage
TextOutA
EndPage
AbortDoc
SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
GetObjectA
GetStockObject
DeleteDC
StretchBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
GetTextMetricsA
DeleteObject
SetBkColor
ExtTextOutA
GetTextExtentPoint32A
SetAbortProc
EndDoc

ws2_32

closesocket
WSAGetLastError
connect
socket
gethostbyname
htons
htonl
bind
getsockname
listen
accept
WSAStartup
inet_addr
gethostbyaddr

mpr

WNetCancelConnection2A
WNetAddConnection2A

comctl32

ord17
CreateToolbarEx

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
FindTextA
PrintDlgA
ChooseFontA

advapi32

RegOpenKeyExA
OpenSCManagerA
DeleteService
ControlService
OpenServiceA
StartServiceA
QueryServiceStatus
CreateServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegQueryValueExA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

shell32

SHGetMalloc
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHBrowseForFolderA

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

18736fd233caed1e2247961022fed966

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

mpr

comctl32

comdlg32

advapi32

shell32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 99KB

.rsrc Size: 96KB - Virtual size: 94KB

.wrdata Size: 20KB - Virtual size: 20KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 99KB

.rsrc
Size: 96KB - Virtual size: 94KB

.wrdata
Size: 20KB - Virtual size: 20KB